Syndicate content

What is the 255 in "iptables -A INPUT -p icmp --icmp-type 255 -j ACCEPT"?

The following command adds a rule to your iptable firewall:

iptables -A INPUT -p icmp --icmp-type 255 -j ACCEPT

As we can see, the rule accepts protocol ICMP and uses ICMP type 255. Only, if you look for a list of valid ICMP types, 255 is not included.

The fact is that this rule actually says: accept any ICMP type. If you changed the ACCEPT with DROP, it would refuse all ICMP packets. In most cases, it is safe to accept ICMP packets since they do not divulge more information than necessary.

Note that in your firewall script, you may use "any" instead of 255. That will make it clearer. However, when you check out your firewall, it will show the rule as follow:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts   bytes target  prot opt in   out  source     destination

2432  326450 ACCEPT  icmp --  eth0 *    0.0.0.0/0  0.0.0.0/0    icmptype 255

and as you can see, it says 255 and not any. So this is something you want to know about. The meaning of ICMP type 255 is: All ICMP types included. This is an internal interpretation of the ICMP type value and not a type of mask or anything of the sort.

Reference: https://www.frozentux.net/iptables-tutorial/chunkyhtml/a6339.html

Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.

  • Gibbon
  • callback
  • hosts
  • imap_open
  • logo

    The term logo usually references a small image or icon used to represent a business or product. In computing, there is also the LOGO language, a simplified version of the lisp language, if I may.